Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft
File: OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft (raw, json)
Hash identifier: 6ZSllYcTp/E73o1tFP6lgHu4d5VQtiZ4d48z6mMUiQo=
Subject key identifier: D0:84:75:1D:D2:DC:11:0C:E3:20:1F:57:4A:CC:9C:9E:62:9E:10:E9
Authority key identifier: 38:72:8E:9B:D3:73:99:DF:9F:FA:E5:87:BD:06:88:4B:35:0A:65:B7
Certificate issuer: /CN=38728e9bd37399df9ffae587bd06884b350a65b7
Certificate serial: 019D9B19A2B36D437F5BAB4494210F888B4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OHKOm9Nzmd-f-uWHvQaISzUKZbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft
Manifest number: 17AD
Signing time: Fri 17 Apr 2026 11:00:41 +0000
Manifest this update: Fri 17 Apr 2026 11:00:41 +0000
Manifest next update: Sat 18 Apr 2026 11:00:41 +0000
Files and hashes: 1: AfDUmyK_-yRdfu3oY0w-ZmuI_n8.roa (hash: LsPuKpZEctSg8i+4uevFKA+sYuA+iu39H7g8hC66rsA=)
2: OHKOm9Nzmd-f-uWHvQaISzUKZbc.crl (hash: duzCaUZkl0nZ7RdhA1BkF0CwlSMIshOwk8wlbBadeaY=)
3: REMby4Ya31OA35rY4teZSHIa0ew.roa (hash: XyeGvAoenWA3MJIYVq931n9fMFmepWjFnS5c3uEtCFE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft
rsync://rpki.ripe.net/repository/DEFAULT/OHKOm9Nzmd-f-uWHvQaISzUKZbc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Apr 2026 11:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:9b:19:a2:b3:6d:43:7f:5b:ab:44:94:21:0f:88:8b:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38728e9bd37399df9ffae587bd06884b350a65b7
Validity
Not Before: Apr 17 11:00:41 2026 GMT
Not After : Apr 18 11:00:41 2026 GMT
Subject: CN=d084751dd2dc110ce3201f574acc9c9e629e10e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:f6:a8:91:55:6d:94:c5:ff:c6:8b:17:3b:cc:
b5:31:aa:52:8b:94:58:8f:d3:87:e9:71:b7:44:d4:
97:90:8e:70:3b:71:f3:a3:10:04:63:93:1c:3b:c1:
71:54:f0:9e:a1:da:68:17:e0:4b:25:4f:5b:47:13:
57:70:a0:a6:d7:d5:82:c3:6e:61:5e:1d:6d:00:39:
f9:19:f7:55:e1:76:6a:15:55:88:16:71:ad:2d:3d:
d0:b1:6a:48:a1:a2:88:96:41:97:45:d1:4e:65:91:
cb:35:d6:08:2a:3b:34:9b:89:29:ac:43:bb:19:72:
5f:38:e1:29:c1:df:f3:e1:20:5d:23:0f:9b:68:63:
82:04:ba:65:ac:c7:c3:83:18:5a:7b:4c:eb:9b:60:
bc:18:6e:0a:23:1f:1c:67:b5:69:58:4e:fc:12:a4:
ef:77:27:2d:bc:87:6b:64:98:da:5e:73:a5:06:a3:
d9:50:86:d3:81:6e:f6:a4:a2:cb:ca:4b:10:a8:54:
0a:1c:0b:a0:68:53:cd:b0:bb:ee:d3:da:eb:31:a3:
28:1a:2b:94:dc:ad:af:f8:cf:cf:3c:5a:4b:7d:99:
45:0a:a6:5c:6e:35:f4:39:41:07:16:ad:01:34:d3:
22:db:21:3a:2c:c3:b4:cd:98:4d:25:b4:a7:b2:7a:
28:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:84:75:1D:D2:DC:11:0C:E3:20:1F:57:4A:CC:9C:9E:62:9E:10:E9
X509v3 Authority Key Identifier:
keyid:38:72:8E:9B:D3:73:99:DF:9F:FA:E5:87:BD:06:88:4B:35:0A:65:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OHKOm9Nzmd-f-uWHvQaISzUKZbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/be3e25-881c-4aec-a932-f8cfa33d684e/1/OHKOm9Nzmd-f-uWHvQaISzUKZbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
1d:2e:07:77:b9:88:c8:0f:24:4b:aa:6c:ac:3b:62:bf:fd:36:
25:44:7f:8e:67:84:47:66:99:3f:7b:1e:9b:a4:f6:5a:ec:68:
7e:42:32:53:6b:37:3f:08:29:b0:1d:cf:96:d9:87:0f:6c:64:
ac:fa:58:11:50:69:53:fe:b3:72:2c:96:0b:55:99:23:b8:7c:
32:76:09:28:59:61:e7:63:a9:d0:4a:d9:f3:98:2c:04:49:5d:
17:dd:53:86:54:c4:4e:d5:24:4a:84:a9:69:dd:f4:94:2d:21:
ad:4d:3c:6e:4f:0b:8e:d3:8e:fb:9b:4b:3e:0a:db:62:cd:f7:
dc:95:1f:ea:56:80:a7:43:e8:20:6d:0e:12:39:0a:04:da:94:
67:39:38:18:72:9b:63:61:13:6b:a7:d3:a6:5a:4a:f4:4c:00:
09:3a:03:3b:ab:40:33:aa:51:05:b4:9f:28:f2:7c:fc:e7:d0:
b4:ed:e8:f2:0a:d6:e0:9d:60:f0:f1:37:1d:3f:11:e0:77:35:
7f:82:a7:b0:02:52:13:00:67:59:b2:7d:07:38:48:51:82:68:
9b:95:92:3a:a0:a5:0b:7f:ae:39:00:8a:29:a6:e3:b4:77:a6:
cd:ae:40:74:6d:2a:27:0c:04:14:c2:1a:ea:4e:91:f6:fb:28:
a2:9c:16:8a
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ2bGaKzbUN/W6tElCEPiItNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NzI4ZTliZDM3Mzk5ZGY5ZmZhZTU4N2JkMDY4ODRiMzUw
YTY1YjcwHhcNMjYwNDE3MTEwMDQxWhcNMjYwNDE4MTEwMDQxWjAzMTEwLwYDVQQD
EyhkMDg0NzUxZGQyZGMxMTBjZTMyMDFmNTc0YWNjOWM5ZTYyOWUxMGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjfaokVVtlMX/xosXO8y1MapSi5RY
j9OH6XG3RNSXkI5wO3HzoxAEY5McO8FxVPCeodpoF+BLJU9bRxNXcKCm19WCw25h
Xh1tADn5GfdV4XZqFVWIFnGtLT3QsWpIoaKIlkGXRdFOZZHLNdYIKjs0m4kprEO7
GXJfOOEpwd/z4SBdIw+baGOCBLplrMfDgxhae0zrm2C8GG4KIx8cZ7VpWE78EqTv
dyctvIdrZJjaXnOlBqPZUIbTgW72pKLLyksQqFQKHAugaFPNsLvu09rrMaMoGiuU
3K2v+M/PPFpLfZlFCqZcbjX0OUEHFq0BNNMi2yE6LMO0zZhNJbSnsnooiwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNCEdR3S3BEM4yAfV0rMnJ5inhDpMB8GA1UdIwQY
MBaAFDhyjpvTc5nfn/rlh70GiEs1CmW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0hLT205TnptZC1mLXVXSHZRYUlTelVLWmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9iZTNlMjUtODgxYy00YWVjLWE5MzIt
ZjhjZmEzM2Q2ODRlLzEvT0hLT205TnptZC1mLXVXSHZRYUlTelVLWmJjLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9iZTNlMjUtODgxYy00YWVjLWE5MzItZjhjZmEzM2Q2ODRl
LzEvT0hLT205TnptZC1mLXVXSHZRYUlTelVLWmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAHS4Hd7mI
yA8kS6psrDtiv/02JUR/jmeER2aZP3sem6T2WuxofkIyU2s3PwgpsB3PltmHD2xk
rPpYEVBpU/6zciyWC1WZI7h8MnYJKFlh52Op0ErZ85gsBEldF91ThlTETtUkSoSp
ad30lC0hrU08bk8LjtOO+5tLPgrbYs333JUf6laAp0PoIG0OEjkKBNqUZzk4GHKb
Y2ETa6fTplpK9EwACToDO6tAM6pRBbSfKPJ8/OfQtO3o8grW4J1g8PE3HT8R4Hc1
f4KnsAJSEwBnWbJ9BzhIUYJom5WSOqClC3+uOQCKKabjtHemza5AdG0qJwwEFMIa
6k6R9vsoopwWig==
-----END CERTIFICATE-----
Generated at Fri Apr 17 19:47:01 2026 by rpki-client